| From: | Marc Herbert <Marc(dot)Herbert(at)continuent(dot)com> |
|---|---|
| To: | pgsql-jdbc(at)postgresql(dot)org |
| Subject: | java UTF8 etc. (Re: Upgrading driver from 7.4 to 8.1) |
| Date: | 2006-05-29 10:24:56 |
| Message-ID: | khjmzd1ku13.fsf_-_@meije.emic.fr |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-jdbc |
Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> writes:
> FWIW, I think that Java clients don't need to worry about those security
> issues. It's not possible for Java to emit an invalidly-coded UTF8
> string, is it? I thought that the internal representation of strings
> is UCS2 or UCS4, and if so, it would take some exceedingly broken
> code in the JVM for the output not to be valid UTF8.
It's UTF-16, just like Windows XP and above.
http://java.sun.com/developer/technicalArticles/Intl/Supplementary/
FYI there are two ways to output UTF8:
DataOutputStream.writeUTF()
outputs a non-standard UTF8, and is limited in size.
>From 1.4:
Charset.forName("UTF-8")....encode()
outputs standard UTF8
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Markus Wollny | 2006-05-29 12:01:43 | Re: Upgrading driver from 7.4 to 8.1 |
| Previous Message | Markus Schaber | 2006-05-29 07:54:35 | Re: Security hole in 8.1.3 with respect to invalidly-encoded |